<?php

	function REPLACE_ComillasInteligentes($valor)
	{
		// Retirar las barras
		if (get_magic_quotes_gpc())
		   $valor = stripslashes($valor);
		
		// Colocar comillas si no es entero
		if (!is_numeric($valor))
		   $valor = "'" . mysql_real_escape_string($valor) . "'";

		return $valor;	
	}
	
	function REPLACE_Injection($cad)
	{
		$cad = stripslashes($cad);
		$malas = array('DROP','INSERT', 'DELETE', 'SELECT', 'xp_', ';', '--', '\'', '"');      
		$cad = str_replace($malas, "", $cad);
		//$cad = REPLACE_ComillasInteligentes($cad);
		return $cad;	
	}
	
	function REPLACE_Load($cad)
	{
		$malas = array('.', '/');
		$cad = str_replace($malas, "", $cad);
		return $cad;
	}
	
	function REPLACE_InjectionArray($a)
	{
		$i = 0;
		foreach($a as $v)
		{
			if($_GET["PHPSESSID"]!=$v)
			{
				$aux[$i] = REPLACE_Injection($v);
				$i++;				
			}
		}
		return $aux;
	}	
?>